Active Threat Alerts

Mitigate Microsoft Exchange Server Vulnerabilities
Microsoft has released out-of-band security updates to address…
March 4, 2021/by SecureTech

Exploitation of Accellion File Transfer Appliance

This joint advisory is the result of a collaborative effort…

February 24, 2021/by SecureTech

AppleJeus-Analysis-of-North-Koreas-Cryptocurrency-Malware.png — AppleJeus: Analysis of North Korea’s Cryptocurrency Malware
The North Korean government has used multiple versions of AppleJeus…
February 17, 2021/by SecureTech

Compromise of U.S. Water Treatment Facility

Summary

On February 5, 2021, unidentified…

February 12, 2021/by SecureTech

Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments

This Advisory uses the MITRE Adversarial Tactics, Techniques,…

January 8, 2021/by SecureTech

Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations

This Alert uses the MITRE Adversarial Tactics, Techniques,…

December 18, 2020/by SecureTech

Cyber-Actors-Target-K-12-Distance-Learning-Education-to-Cause-Disruptions.png — Cyber Actors Target K-12 Distance Learning Education to Cause Disruptions and Steal Data
This Joint Cybersecurity Advisory was coauthored by the Federal…
December 11, 2020/by SecureTech

Advanced Persistent Threat Actors Targeting U.S. Think Tanks

This Advisory uses the MITRE Adversarial Tactics, Techniques,…

December 1, 2020/by SecureTech

Iranian-Advanced-Persistent-Threat-Actor-Identified-Obtaining-Voter-Registration-Data.png — Iranian Advanced Persistent Threat Actor Identified Obtaining Voter Registration Data
This advisory uses the MITRE Adversarial Tactics, Techniques,…
October 31, 2020/by SecureTech

Ransomware Activity Targeting the Healthcare and Public Health Sector

This advisory uses the MITRE Adversarial Tactics, Techniques,…

October 29, 2020/by SecureTech

North Korean Advanced Persistent Threat Focus: Kimsuky

This advisory uses the MITRE Adversarial Tactics, Techniques,…

October 28, 2020/by SecureTech

FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks
North Korea's intelligence apparatus controls a hacking team…
October 27, 2020/by SecureTech

Technical-Approaches-to-Uncovering-and-Remediating-Malicious-Activity.png — Technical Approaches to Uncovering and Remediating Malicious Activity
This joint advisory is the result of a collaborative research…
October 26, 2020/by SecureTech

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Through the operation of the National Cybersecurity Protection…

October 25, 2020/by SecureTech

Iran-Based Threat Actor Exploits VPN Vulnerabilities

This Alert uses the MITRE Adversarial Tactics, Techniques,…

October 24, 2020/by SecureTech

AA20-133A: Top 10 Routinely Exploited Vulnerabilities

Original release date: May 12, 2020SummaryThe Cybersecurity and…

June 8, 2020/by

AA20-126A: APT Groups Target Healthcare and Essential Services

Original release date: May 5, 2020SummaryThis is a joint alert…

May 9, 2020/by

AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

Original release date: April 8, 2020SummaryThis is a joint alert…

April 9, 2020/by

Vulnerability Summary for the Week of March 2, 2020

Original release date: March 9, 2020The CISA Weekly Vulnerability…

March 10, 2020/by

Vulnerability Summary for the Week of January 13, 2020

Original release date: January 20, 2020The CISA Weekly Vulnerability…

February 9, 2020/by